[unisog] Forensic Training

Michael Grinnell grinnell at american.edu
Wed Sep 28 20:40:03 GMT 2005


I haven't taken the Forensics track at SANS, but I've seen some of  
the material in other tracks.  IIRC, it's pretty good.  I think it  
uses Encase for Windows forensics and the Coroner's Toolkit for  
Linux.  Don't kill me if it's changed though, it's been a few years  
since I went to SANS.

Michael Grinnell
Network Security Administrator
The American University
e-mail: grinnell at american.edu

On Sep 28, 2005, at 4:16 PM, Allison MacFarlan wrote:

> I've taken the Encase class and it's good, but it's completely
> Encase-centric. And you'd probably be the only non-Law-Enforcement
> person in there. :-|
>
> On Sep 28, 2005, at 12:44 PM, Jeff Gimbel wrote:
>
>
>> Wondering if anyone has taken any forensic training and what you  
>> think
>> is
>> the best out there.  We are looking at Foundstone, Encase, SANS, ...
>> type of
>> training.  Any other suggestions?
>>
>> =======================
>> Jeff Gimbel
>> ITS/NDUS Help Desk Consultant
>> jeff.gimbel at ndsu.edu
>> =======================
>>
>>
>> _______________________________________________
>> unisog mailing list
>> unisog at lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>>
>>
> +++++++++++++++++-+--+---+----+--
> Allison S. MacFarlan
> Information Security Officer
> Academic Media and Technology
> Yale University
> http://www.yale.edu/its/security/asm
> ph: 203-432-6684
> bp: 203-370-0554
>
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
>



More information about the unisog mailing list